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Abstract - This paper discusses about a new algorithm in the area of cryptography. The 
expected to find an extensive use in wireless telecom networks for end-to-end network sect 
stream cipher based on dynamic S-box is designed, implemented and tested in MATLAB. ~" 
thus generated is tested through 16 different randomness tests mentioned in one 
publication 800-22 [2]. For this implementation many references have been taken fror 
Advanced Encryption Standard structure. This work was done as part of the fuli__ 
Technology at Manipal Institute of Technology, Manipal. 

I. Introduction 

We need security to feel safe in life. Whether it is about feeling or^b/uVtrK information security in 
computer network, security has always been one of the main cqriki'S^^>ne of the several available 
methods to secure the information in any network is cryptography ^wl^fcrrf ciphers and block ciphers are 
one of the classifications of cipher structures. In this paper we cojreeiitafete mainly on stream ciphers since 
our work and the findings are on stream ciphers. 

Stream ciphers are essentially meant to be a pseudorandoaa\er«erator. So this implementation work aims to 
generate a stream that is random in nature. To verif^AJ^randomness of the resulting stream we apply 
around 16 randomness tests on the stream. For that^t^ first implement those 16 tests in Matlab. And to 
check the correctness of the Matlab implementatkj\^rrhese 16 tests, we apply these tests first on one of the 
already existing stream cipher. And the referetfcA&ream cipher we take for this purpose is RC4 stream 
cipher. 




$ Reference Algorithm 

There is a high need to improve t]C*1feisWig stream ciphers by introducing more non-linearity into it. Before 
doing this we intend to stud^iny^rthe existing stream cipher algorithm so as to make a comparative 
study. And the algorithm that^^choose for this purpose is the RC4 algorithm. 

RC4 is a stream cipher^aiMlgned in 1987 by Ron Rivest.lt is a variable key-size stream cipher with byte- 
oriented operations, ^ifal^jgorithm is based on the use of a random permutation. It is the most widely used 
cipher. The algorkhfiXj^based on the use of a random permutation. Analysis shows that the period of the 
cipher is overv%h<irnYigly likely to be greater than 10 100 . Eight to sixteen machine operations are required per 
output byte, Jfll^lhe cipher can be expected to run very quickly in software' 1 ' . 

Taking^l^^bse factors into consideration we come to a conclusion that RC4 is the best choice to start this 
work^Vordingly we start with the implementation of RC4 algorithm in Matlab. 

III. Statistical Test Suite for Validating Randomness 

Next work is to validate the RC4 key stream as random. The intention behind this validation is not to test 
the RC4 algorithm instead to make sure the correctness in the implementation of those 16 tests that are to 
be run on RC4. 



NIST issued a special publication (800-22) that discusses about aspects of selecting and testing random and 
pseudorandom number generators ' 2 l The generators suitable for use in cryptographic applications may 
need to meet stronger requirements than for other applications. NIST publication discusses about some 
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criteria for characterizing and selecting appropriate generators. With help of these criteria we can decide 
whether our new stream cipher generated is a perfect random generator or not. 

Randomness is a probabilistic property. Various statistical tests can be applied to a sequence to attempt to 
compare and evaluate the sequence to a truly random sequence. The properties of a random sequence can 
be characterized and described in terms of probability. For each applied test, decision or conclusion is 
derived that accepts or rejects the sequence that was produced. The statistic value is a function of the data. 
Test statistic is used to calculate a P-value that summarizes the strength of the stream generated. For th^se 
tests; each P-value is the probability that a perfect random number generator would have produ^f^a^ 
sequence less random than the sequence that was tested , given the kind of non-randomness ass^sA^by 
the test. A P-value > o.oi would mean that the sequence would be considered to be randwr^Ath a 
confidence of 99%.A P-value < o.oi would mean that the sequence is non-random with a coVfi^ence of 

IV. Random Number Generation Tests 

The NIST Test suite is a statistical package consisting of 16 tests that were developfit^oVest the randomness 
of binary sequences produced by either hardware or software based <A|nregraphic random or 
pseudorandom number generators. The 16 tests are: \^ 

1. The frequency Test: Purpose is to determine whether the nurafe^^^nes and zeros in a sequence 
are approximately the same as would be expected for a truly ^m>d^frAequence. 



Frequency Test within a block: Purpose of this test isiftidsrermine whether the frequency of ones 
in an M-bit block is approximately M/2, as would be exjfefted under an assumption of randomness. 

Runs Test: Purpose is to determine whether tH^*»mber of ones and zeros of various lengths is as 
expected for a random sequence. ^^^^ 

Test for the Longest Run of ones in a DiVck: Purpose is to determine whether the length of the 
longest run of ones that would be e^N^ted in a random sequence. 

Binary Matrix Rank Test: Pujjfcsars to check for linear dependence among fixed length substrings 
of the original sequence. x^V, 

Discrete Fourier TranffioWi (Spectral) Test: Purpose is to detect the periodic features in the tested 
sequence that wnd^raJrfcate a deviation from the assumption of randomness. 



<3 



7. Non- overlaHg™*Template Matching Test: Purpose is to detect generators that produce too many 
occurrences given non -periodic pattern. For this test an m-bit window is used to search for a 
specifrM^b/t pattern. If the pattern is not found, the window slides one bit position. If the pattern 
is farfn>^he window is reset to the bit after the found pattern, and the search resumes. 

3. '^SWapping Template matching Test: The difference between this test and test number 7 is that 
f"j/hen the pattern is found, the window slides only one bit before resuming the search. 



Maurer's Universal Statistical Test: Purpose of this test is to detect whether or not the sequence can 
be significantly compressed without loss of information. 

Lempel-Ziv Compression Test: Purpose is to determine how far the tested sequence can be 



Linearity Complexity Test: Purpose of this test is to determine whether or not the sequence is 
complex enough to be considered random. 
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12. Serial Test: Purpose is to determine whether the number of occurrences of the 2m m-bit 
overlapping patterns is approximately the same as would be expected for a random sequence. 

13. Approximate Entropy Test: Purpose is to compare the frequency of overlapping blocks of two 
consecutive lengths against the expected result for a random sequence. 



14. Cumulative Sums Test: Purpose is to determine whether the cumulative sum of the partial 
sequences occurring in the tested sequence is too large or too small relative to the expected 
behavior of that cumulative sum for random sequences. 

15. Random Excursions Test: Purpose is to determine if the number of visits to a partisJ^^state 
within a cycle deviates from what one would expect for a random sequence. 

16. Random Excursions variant Test: Purpose is to detect deviations from the expecj£^^3iber of visits 
to various states in the random walk. 

All the above tests are implemented in Matlab and we run them on RC4 key srf^anr. We find that all the 
tests are successfully run on RC4 and give a P- value > 0.01. We can now pro<S|ea»vith the implementation 
of new stream cipher based on dynamic S-box. £ 

V. Random Number Generaticfc^^gits 

For new stream cipher generation we make use of the AES Key/ ffi yBTsion method w . But here we use a 
dynamic S-box which is dependent on input key value. Then }/fcs*Kg this dynamic S-box we generate key 
stream by AES Key expansion method. . ^/ 

To begin with stream cipher generation, we generate alC^ox depending on the input key value. We input 
a 16 byte key value. The binary equivalent of this li^X** key is stored in an array. We find a non-singular 
matrix by selecting first 8*8 = 64 bits of the arra^fc3[ tne determinant of the 8 by 8 matrix formed by these 
64 bits is zero then we take next 64 bits (do^Dy one bit left shift of the binary values in the key 
array). Once we find a non-singular matrix^fWn the input key, we store it in another temporary array so 
that it can be used later for S-box generaArrSWe keep a dummy key which will be useful, incase if the first 
key fails to give a non-singular matri^ 



Now we proceed with the genetatiomof dynamic S-box by following the steps mentioned for AES algorithm. 
But here modulo polynomial fcegd not be constant always. Selection of irreducible modulo polynomial is 
also left to the user. Also wi^^roing affine transformation ax + b = c, the value of 'c' is also a user's choice. 
The matrix 'a' in the affW^OTfisformation is the one obtained by the input key w . 

Thus the resultina^^R cannot be predicted just by looking at the input key and for different input keys 
we are able to^efc^r^te different S-box providing non-linearity to the cipher structure. We use this dynamic 
Mn^^on-li 
LethocW^^Stfuce the key stream [4 l 

p validate the randomness of the resulting key stream we apply the NIST tests on key stream. 
1 and 2 give a flowchart of the implementation work carried out. Key Stream shown in figure 2 is the 
wated random stream upon which FIPS mentioned 16 tests were successfully tested. 



S-box providffl^^on-linearity to the cipher structure. We use this dynamic S-box in AES Key expansion 
imm^uce 
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Form 

matrix with 
first 64 bits 




Figure 1 . S-box generation 

JS^J VI. Preliminary Result Analysis 



Figure 2. Key generatio 



earlier, before we generate and test our new stream cipher we should be sure about the 
♦te 16 randomness tests we have implemented. For this purpose we take RC4 as the reference 
because RC4 already known as a perfect random stream generator l4 l If all the 16 randomness 
fccessfully run on RC4 and gives the desired result i.e., a P-value > 0.01, then we can be sure about 
w^diong / implementation of 16 randomness tests. 

When we tested RC4 key stream with the 16 randomness tests we obtained a P-value > 0.01 for all 16 tests. 
With this preliminary result it was easy to go ahead with our new stream cipher generation without any 
confusion about the correctness in the implementation of 16 randomness tests. 
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VI. Results 

We implemented all 16 tests in MATLAB and then these tests were run on the RC4 generated key stream. 
We first generate 256 bytes of key stream. The generated key stream is tested for its randomness. Table 4.1 
gives the result obtained when the tests were run on different lengths of key stream. As discussed in earlier 
chapters the method of validating the randomness of key stream is by checking the P-value. If the obtained 
P-value is less than 0.01 then the key stream is declared as non-random. If the P-value is greater than or 
equal to 0.01 then the key stream is declared as a valid random key stream. 

One fact to be observed here is that RC4 is already known for the randomness in its resulting key s 
Therefore while testing RC4 we have not considered more than 3 to 4 scenarios. If by running kJ! 
scenarios we can obtain a P-value of greater than or equal to 0.01 that itself is a valid result tofcrccet 
the next step. The NIST Test suite however mentions that more the number of scenarios oasse^ 
the resulting algorithm. While testing our new stream cipher therefore we considWJ^^ny different 
scenarios by taking different input keys. But only selected 5 scenarios are highlighted ii 

All the columns shown in table 1 are tested for a key stream length of 8800 bytes. ^^^est the key stream for 
different values of input key. There are two different input keys used in our HaNlementation. One is to 
generate the dynamic S-box and the other to use for the key expansion^raiffie. The key used for key 
expansion routine is changed and for all the changed values of key we #eMi£6n , ent key streams. All the key 
streams are tested for more than 15 scenarios and were observed to p^^ljekests successfully. In table 1 we 
have highlighted only few test scenarios. Lempel-Ziv test result ha$ ^gpbeen tabulated for the reason that 
few of the parameters (mean and variance) required to calculatej^^pue in this test are not provided in the 
publication 800-22. So we neglect this test. 



VI. How Better is Our New 




Cipher Algorithm? 



Now that we have seen and analyzed the test re^T^for both RC4 and our new stream cipher based on 
dynamic S-box we should be able to differentiati^Crlevel of security provided by both the algorithms. 

We see that both RC4 as well as new str^n^rpher pass NIST tests. Now the improvement or the increase 
in amount of security provided by the/fieV^tream cipher lies solely in the fact that the S-box used for the 
implementation is highly unpredi^frleNwone of the existing stream ciphers are maldng use of S-box for the 
key stream generation which iteelf]3^T>ig plus point in our new stream cipher generation. 



No doubt RC4 has been^JaSwiost widely used stream cipher so far because of its simplicity of 
implementation; we see^MwIiere are still few loopholes in RC4 as mentioned in literature survey. So our 
new stream cipher wouw^jyobably be the better choice for more advanced applications. 



Table 1 P-values for new key stream 
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VI. Con 

Now that we have seen and analyzed the test rasuks^or both RC4 and our new stream cipher based on 
dynamic S-box we should be able to differentiafN^pievel of security provided by both the algorithms. 

The work concentrates only on the devAjpt^nent of a new stream cipher based on AES dynamic S-box. 
While doing this we have given much /usnon to the randomness of the generated stream rather than how 
fast our algorithm runs. Hence pewEdtStfrce analysis of the stream cipher algorithm that we have developed 
is still pending and to be take« as n^Tpart of future work. For checking the performance of the algorithm 
through software implementatf^^we can go for a high level language like C/C++ and a better operating 
system like Linux of higher/^!r5rois. We can also go for checking our stream cipher performance pertaining 
to a specific applicatiorj^Kwfnis we can select any of the existing communication system where there is 
high requirement fojwel^jjyption and decryption of data. Any security driven DSP application would be 
suitable choice fojj 
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